1335 matches found
CVE-2024-48928
Piwigo CVE-2024-48928 affects 14.x branch installations where secret_key is set to MD5(RAND()) in MySQL. RAND() offers about 30 bits of entropy, making brute-forcing feasible within roughly an hour. The CSRF token partially derives from the secret_key, allowing verification of a brute-force attem...
PT-2026-21769
Name of the Vulnerable Software and Affected Versions Piwigo versions 14.x Description Piwigo is a photo gallery application for the web. In versions on the 14.x branch, the secret key configuration parameter is set to MD5RAND during installation when using MySQL. The RAND function has limited...
Unauthenticated File Upload in Gogs
Security Advisory:Unauthenticated File Upload in Gogs Vulnerability Type: Unauthenticated File Upload Date: Aug 5, 2025 Discoverer: OpenAI Security Research Summary Gogs exposes unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any...
GitLab 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11990)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting...
Exploit for CVE-2025-2304
Camaleon CMS -p Arguments - -t, --target Base t...
CVE-2025-59891
Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...
CVE-2026-24037
Horilla HRMS has_XSS bypass in version 1.4.0 due to incomplete, context-agnostic regex filtering in has_xss(), enabling attackers to redirect users, run external JavaScript, and steal CSRF tokens for admin-targeted CSRF attacks. The issue is fixed in version 1.5.0. Affected: Horilla 1.4.x → fixed...
CVE-2026-24037 Horilla HRM has XSS Bypass through Project Name
Horilla is a free and open source Human Resource Management System HRMS. In version 1.4.0, the hasxss function attempts to block XSS by matching input against a set of regex patterns. However, the regexes are incomplete and context-agnostic, making them easy to bypass. Attackers are able to...
PT-2026-3913
Name of the Vulnerable Software and Affected Versions Horilla versions prior to 1.5.0 Description Horilla is a Human Resource Management System HRMS. The has xss function in version 1.4.0 attempts to prevent Cross-Site Scripting XSS by using regular expressions to filter input. However, these...
CVE-2023-45374
An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams...
CVE-2021-33338
The Layout module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 6, exposes the CSRF token in URLs, which allows man-in-the-middle attackers to obtain the token and conduct Cross-Site Request Forgery CSRF attacks via the pauth parameter...
CVE-2021-28055
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user...
CVE-2022-42975
socket/transport.ex in Phoenix before 1.6.14 mishandles checkorigin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token...
CVE-2019-18376
A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center MC user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC...
CVE-2022-23475
daloRADIUS is an open source RADIUS web management application. daloRadius 1.3 and prior are vulnerable to a combination cross site scripting XSS and cross site request forgery CSRF vulnerability which leads to account takeover in the mng-del.php file because of an unescaped variable reflected in...
CVE-2022-27671
A CSRF token visible in the URL may possibly lead to information disclosure vulnerability...
CVE-2021-47735
CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by crafting a reverse shell payload and saving it through the template editing...
CVE-2021-47736
CMSimpleXH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitra...
PT-2025-52835
Name of the Vulnerable Software and Affected Versions CMSimple version 5.4 Description The software contains an authenticated remote code execution issue that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by...
linkding 安全漏洞
linkding is a bookmark manager that can be self-hosted by the individual developer Sascha Ißbrücker. A security vulnerability exists in linkding that stems from the file upload feature in the bookmarks and asset rendering pipeline that allows the upload of malicious SVG files containing JavaScrip...